Hi,
I run a number of Tor Relays, including exit nodes, in Singapore.
I have recieved a request from the Singapore Police, who are investigating a case of "unauthorised payments via Paypal". They have asked for the customer to whom I have assigned the IP address (the request is because I am the whois contact for the network).
Is there any other Singapore operator on the list who has experience?
Hi Sanjeev,
I'm new to relay operating, but I am considering funding one or two in Singapore, so I am interested to hear how this plays out.
For lack of better advice: Read the FAQ and template abuse responses:
https://www.torproject.org/docs/faq-abuse.html.en#TypicalAbuses
https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates
https://www.torservers.net/wiki/abuse/templates
https://www.torproject.org/eff/tor-dmca-response.html.en (not directly applicable)
The common theme I saw was reading the above, was to respond in a friendly way, educating them about Tor, some of it most important purposes (not sure if Singapore would be pro- or anti- censorship, even of Iranians and Syrians?), and that the connection did not originate with you; that Tor has reputable sponsors; and then offer some basic suggestions about how they might approach the problem. In some cases, offer to help in certain ways, such as a reduced exit policy blocking certain ports (although this will just redirect the abusers to other exit nodes), and provide likes to automated data available to determine if connections are coming from Tor so that websites can respond appropriately (such as implementing additional security checks or, if appropriate, temporarily blocking Tor connections). In some cases, offer to follow up with them in a week.
I didn't see it recommended to start off short with them, ignore them, or say "get a court order, and then talk to my lawyer".
Foster cooperation and understanding, and hope for a friend-of-Tor attitude.
Asa
From: tor-relays-bounces@lists.torproject.org [mailto:tor-relays-bounces@lists.torproject.org] On Behalf Of Sanjeev Gupta Sent: Thursday, April 25, 2013 8:58 AM To: tor-relays@lists.torproject.org Subject: [tor-relays] Any operators in Singapore?
Hi,
I run a number of Tor Relays, including exit nodes, in Singapore.
I have recieved a request from the Singapore Police, who are investigating a case of "unauthorised payments via Paypal". They have asked for the customer to whom I have assigned the IP address (the request is because I am the whois contact for the network).
Is there any other Singapore operator on the list who has experience?
Addendum:
In the e-commerce rfaud template on the Tor Wiki, it ends with the folowing interesting paragraph:
"In fact, in my experience, the fraud processing teams contracted by
many ISPs simply mark all requests from Tor nodes as fraud using that
very list. So it is even possible this is a legitimate order, but was
flagged as fraud solely based on IP, especially if you contract out
fraud detection to a third party."
Interesting possibility, that calls for the police to immediately dismiss the complaint if found applicable.
They were a bit vague as to exactly what behavior Paypal (or someone else?) has complained about.
Asa
From: Asa
Hi Sanjeev,
I'm new to relay operating, but I am considering funding one or two in Singapore, so I am interested to hear how this plays out.
For lack of better advice: Read the FAQ and template abuse responses:
https://www.torproject.org/docs/faq-abuse.html.en#TypicalAbuses
https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates
https://www.torservers.net/wiki/abuse/templates
https://www.torproject.org/eff/tor-dmca-response.html.en (not directly applicable)
The common theme I saw was reading the above, was to respond in a friendly way, educating them about Tor, some of it most important purposes (not sure if Singapore would be pro- or anti- censorship, even of Iranians and Syrians?), and that the connection did not originate with you; that Tor has reputable sponsors; and then offer some basic suggestions about how they might approach the problem. In some cases, offer to help in certain ways, such as a reduced exit policy blocking certain ports (although this will just redirect the abusers to other exit nodes), and provide likes to automated data available to determine if connections are coming from Tor so that websites can respond appropriately (such as implementing additional security checks or, if appropriate, temporarily blocking Tor connections). In some cases, offer to follow up with them in a week.
I didn't see it recommended to start off short with them, ignore them, or say "get a court order, and then talk to my lawyer".
Foster cooperation and understanding, and hope for a friend-of-Tor attitude.
Asa
From: tor-relays-bounces@lists.torproject.org [mailto:tor-relays-bounces@lists.torproject.org] On Behalf Of Sanjeev Gupta Sent: Thursday, April 25, 2013 8:58 AM To: tor-relays@lists.torproject.org Subject: [tor-relays] Any operators in Singapore?
Hi,
I run a number of Tor Relays, including exit nodes, in Singapore.
I have recieved a request from the Singapore Police, who are investigating a case of "unauthorised payments via Paypal". They have asked for the customer to whom I have assigned the IP address (the request is because I am the whois contact for the network).
Is there any other Singapore operator on the list who has experience?
tor-relays@lists.torproject.org